US8156228B1 - Method and apparatus to enable confidential browser referrals - Google Patents

Method and apparatus to enable confidential browser referrals Download PDF

Info

Publication number
US8156228B1
US8156228B1 US11/864,348 US86434807A US8156228B1 US 8156228 B1 US8156228 B1 US 8156228B1 US 86434807 A US86434807 A US 86434807A US 8156228 B1 US8156228 B1 US 8156228B1
Authority
US
United States
Prior art keywords
server
placeholder
referral
information
communication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US11/864,348
Inventor
Brian Hernacki
Sourabh Satish
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CA Inc
Original Assignee
Symantec Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Symantec Corp filed Critical Symantec Corp
Priority to US11/864,348 priority Critical patent/US8156228B1/en
Assigned to SYMANTEC CORPORATION reassignment SYMANTEC CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: SATISH, SOURABH, HERNACKI, BRIAN
Assigned to SYMANTEC CORPORATION reassignment SYMANTEC CORPORATION ADDRESS CHANGE OF ASSIGNEE Assignors: SYMANTEC CORPORATION
Application granted granted Critical
Publication of US8156228B1 publication Critical patent/US8156228B1/en
Assigned to CA, INC. reassignment CA, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: SYMANTEC CORPORATION
Active legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/563Data redirection of data network streams

Definitions

  • Embodiments of the present invention generally relate to network computing and, more particularly, to a method and apparatus for facilitating a blind referral within a network environment wherein browsers are used.
  • one server may refer a browser to another server to either receive certain information or to authorize a user for specific access. For example, upon selecting a specific link in a first server, the browser is referred to a second server for user identity verification. The second server confirms the identity of the user and refers the browser back to the first server with information that enables the user to access the information at the link.
  • a client computer is required to disclose information about the first server to the second server.
  • the second server needs the first server information in order to refer back to the first server upon redirection, i.e., after user identity confirmation.
  • intercepting this list enables someone to know a user's history.
  • Such information may provide a list of secure sites used by the user or may merely disclose types of sites the user enjoys visiting. In either case, this information is private information. No solution exists that prevents the second server (or any interceptor) from finding out about the client's use of the first server, and any other servers that are in the referral chain.
  • Embodiments of the present invention comprise a method and apparatus for facilitating a blind referral.
  • One embodiment of the invention is a method of facilitating a blind referral comprising producing a referral communication for referring a client computer from a connection with a first server to a second server, wherein the referral communication comprises first server information defining a location of the first server, generating a placeholder for the first server information in the referral communication, and replacing the first server information with the placeholder in communications with the second server during the referral communication.
  • FIG. 1 is a block diagram of a computer system according to various embodiments of the present invention.
  • FIG. 2 is a flow chart of a method for facilitating a blind referral according to an embodiment of the present invention.
  • FIG. 3 is another flow chart of a method for facilitating a blind referral according to various embodiments of the present invention.
  • FIG. 1 is a block diagram of a computer system 100 according to various embodiments of the present invention.
  • the computer system 100 comprises a client computer 102 , a first server 104 , and a second server 106 running several applications and connected to a network 108 that generally forms a portion of the Internet which may comprise various sub-networks such as Ethernet networks, local area networks, wide area networks, wireless networks, and the like.
  • a network 108 that generally forms a portion of the Internet which may comprise various sub-networks such as Ethernet networks, local area networks, wide area networks, wireless networks, and the like.
  • the hardware depicted in the FIG. 1 may vary from one computer system to another.
  • other peripheral devices such as optical disk drives, graphics card, data storage devices, various other input devices, peripherals and the like, may also be used in addition to or in place of the hardware depicted.
  • the network 108 provides access to the client computer 102 for various applications located on the first server 104 and the second server 106 .
  • the first server 104 comprises, without limitation, a CPU 124 , support circuits 126 , and a memory 128 .
  • the CPU 124 may be one or more of any commercially available microprocessors or microcontrollers.
  • the support circuits 126 comprise circuits and devices that are used in support of the operation of the CPU 124 . Such support circuits include, for example, one or more of cache, input/output circuits, system bus, PCI bus, clock circuits, power supplies or the like.
  • the memory 128 may comprise random access memory, read only memory, optical memory, disk drives, removable memory, and the like. Various types of software processes or modules and information are resident within the memory 128 .
  • the Web Page Data module 130 may store the first server information that is used in a referral communication (e.g., a data segment in HTTP protocol).
  • Application module 132 may be any application of interest to the user of client computer 104 e.g., a browser.
  • the second server 106 comprises, without limitation, a CPU 134 , support circuits 136 , and a memory 138 .
  • the CPU 134 may be one or more of any commercially available microprocessors or microcontrollers.
  • the support circuits 136 comprise circuits and devices that are used in support of the operation of the CPU 134 . Such support circuits include, for example, one or more of cache, input/output circuits, system bus, PCI bus, clock circuits, power supplies or the like.
  • the memory 138 may comprise random access memory, read only memory, optical memory, disk drives, removable memory, and the like. Various types of software processes or modules and information are resident within the memory 138 .
  • the web page data module 140 may store website information about a user of client computer 102 , e.g., data segments in HTTP protocol for every website recently visited by the user of client computer 102 .
  • Application 144 may comprise software enables communications with the client computer 102 (e.g., completion of an age or identity verification) and then redirect the client computer to the first server 104 .
  • the client computer 102 comprises, also without limitation, a CPU 110 , support circuits 112 , and a memory 114 .
  • the CPU 110 may be one or more of any commercially available microprocessors or microcontrollers.
  • the support circuits 112 comprise circuits and devices that are used in support of the operation of the CPU 110 Such support circuits include, for example, one or more of cache, input/output circuits, system bus, PCI bus, clock circuits, power supplies or the like.
  • the memory 114 may comprise random access memory, read only memory, optical memory, disk drives, removable memory, and the like. Various types of software processes or modules and information are resident within the memory 114 .
  • the module 118 comprises mapping information in accordance with certain aspects of the present invention.
  • the mapping information contains data that matches a placeholder generated by blind referral module 120 to the first server 104 address information.
  • the placeholder is a set of dummy characters or may be a dummy address.
  • the mapping information 118 and blind referral module 120 may form a portion of or may be coupled to a browser 122 .
  • FIG. 2 depicts a flow diagram of method 200 for facilitating a blind referral.
  • the method 200 begins at step 202 and proceeds to step 204 , wherein the method 200 ascertains if a referral communication has been initiated. If no referral communication is detected (option “No”), the method ends at step 212 .
  • the referral communication is detected when the browser 122 is informed that the first server 104 is redirecting the browser 122 to the second server 106 .
  • a placeholder for a first server information is generated (e.g., a set of dummy characters or a dummy address).
  • the placeholder may also comprise at least one of a hash value, a client identification, a service identification, a proxy server, or a random alphanumeric string of characters.
  • the first server information (e.g., a data segment in HTTP protocol for every website recently visited by the user of client computer 102 ) is replaced with the placeholder.
  • the HTTP protocol cannot be analyzed to determine that the first server was visited by the user.
  • the method 200 stores the first server information and the placeholder as mapping information.
  • the browser uses the mapping information to identify the first server and redirect the connection to that server as described below. The method, again, ends at step 212 .
  • FIG. 3 depicts a flow diagram of a method 300 for performing a referral communication in accordance with an alternative embodiment of the invention wherein the second server redirects the browser back to the first server.
  • the method begins at step 302 and proceeds to step 304 , wherein the method 300 ascertains if a referral communication has been initiated, e.g., has the browser detected a redirection. If a referral communication is not detected at step 304 (option “No”), the method ends at step 318 .
  • a first server tag e.g., a data segment in HTTP protocol
  • the blind referral module such as the blind referral module 120 that is resident in the client computer 102 , generates a placeholder tag (e.g., an HTTP tag for HTTP headers).
  • the placeholder tag is mapped to the first server tag. That is, for example, blind referral module 120 may relate the first server tag to the placeholder tag in a look-up table stored in the memory 114 as mapping information 118 .
  • the client computer 102 may communicate with the second server 106 using the placeholder tag which, for example, has been placed in the first server HTTP header. Now, the second server 106 does not have any information regarding the identity of the first server 104 .
  • the client computer 102 is redirected by the blind referral module 120 to the placeholder address, at step 314 .
  • the blind referral module 120 extracts the placeholder tag and replaces it with the first server tag using the mapped information. Accordingly, the second server 106 blindly refers the client computer 102 to the first server 104 . In this manner a client computer always maintains control of the referral information.
  • Method 300 ends at step 318 .
  • the placeholder generated for the second server is verified using a security service coupled to the second server.

Abstract

A method of facilitating a blind referral comprising producing a referral communication for referring a client computer from a connection with a first server to a second server, wherein the referral communication comprises first server information defining a location of the first server, generating a placeholder for the first server information in the referral communication, and replacing the first server information with the placeholder in communications with the second server during the referral communication.

Description

BACKGROUND OF THE INVENTION
1. Field of the Invention
Embodiments of the present invention generally relate to network computing and, more particularly, to a method and apparatus for facilitating a blind referral within a network environment wherein browsers are used.
2. Description of the Related Art
When using a browser, one server may refer a browser to another server to either receive certain information or to authorize a user for specific access. For example, upon selecting a specific link in a first server, the browser is referred to a second server for user identity verification. The second server confirms the identity of the user and refers the browser back to the first server with information that enables the user to access the information at the link.
During conventional referrals, a client computer is required to disclose information about the first server to the second server. In most cases, the second server needs the first server information in order to refer back to the first server upon redirection, i.e., after user identity confirmation. This creates privacy and security issues for the user of the client computer, i.e., the HTTP information is tagged with every website the browser has recently visited. As such, intercepting this list enables someone to know a user's history. Such information may provide a list of secure sites used by the user or may merely disclose types of sites the user enjoys visiting. In either case, this information is private information. No solution exists that prevents the second server (or any interceptor) from finding out about the client's use of the first server, and any other servers that are in the referral chain.
Accordingly, there exists a need for a method and apparatus that facilitates blind referrals within a network computing environment wherein browsers are used.
SUMMARY OF THE INVENTION
Embodiments of the present invention comprise a method and apparatus for facilitating a blind referral. One embodiment of the invention is a method of facilitating a blind referral comprising producing a referral communication for referring a client computer from a connection with a first server to a second server, wherein the referral communication comprises first server information defining a location of the first server, generating a placeholder for the first server information in the referral communication, and replacing the first server information with the placeholder in communications with the second server during the referral communication.
BRIEF DESCRIPTION OF THE DRAWINGS
So that the manner in which the above recited features of the present invention can be understood in detail, a more particular description of the invention, briefly summarized above, may be had by reference to embodiments, some of which are illustrated in the appended drawings. It is to be noted, however, that the appended drawings illustrate only typical embodiments of this invention and are therefore not to be considered limiting of its scope, for the invention may admit to other equally effective embodiments.
FIG. 1 is a block diagram of a computer system according to various embodiments of the present invention;
FIG. 2 is a flow chart of a method for facilitating a blind referral according to an embodiment of the present invention; and
FIG. 3 is another flow chart of a method for facilitating a blind referral according to various embodiments of the present invention.
While the invention is described herein by way of example using several embodiments and illustrative drawings, those skilled in the art will recognize that the invention is not limited to the embodiments of drawing or drawings described. It should be understood that the drawings and detailed description thereto are not intended to limit the invention to the particular form disclosed, but on the contrary, the invention is to cover all modifications, equivalents and alternatives falling within the spirit and scope of the present invention as defined by the appended claims. The headings used herein are for organizational purposes only and are not meant to be used to limit the scope of the description or the claims. As used throughout this application, the word “may” is used in a permissive sense (i.e., meaning having the potential to), rather than the mandatory sense (i.e., meaning must). Similarly, the words “include,” “including,” and “includes” mean including, but not limited to. Further, the word “a” means at least one.
DETAILED DESCRIPTION
FIG. 1 is a block diagram of a computer system 100 according to various embodiments of the present invention. The computer system 100 comprises a client computer 102, a first server 104, and a second server 106 running several applications and connected to a network 108 that generally forms a portion of the Internet which may comprise various sub-networks such as Ethernet networks, local area networks, wide area networks, wireless networks, and the like. Those skilled in the art will appreciate that the hardware depicted in the FIG. 1 may vary from one computer system to another. For example, other peripheral devices, such as optical disk drives, graphics card, data storage devices, various other input devices, peripherals and the like, may also be used in addition to or in place of the hardware depicted. The network 108 provides access to the client computer 102 for various applications located on the first server 104 and the second server 106.
The first server 104 comprises, without limitation, a CPU 124, support circuits 126, and a memory 128. The CPU 124 may be one or more of any commercially available microprocessors or microcontrollers. The support circuits 126 comprise circuits and devices that are used in support of the operation of the CPU 124. Such support circuits include, for example, one or more of cache, input/output circuits, system bus, PCI bus, clock circuits, power supplies or the like. The memory 128 may comprise random access memory, read only memory, optical memory, disk drives, removable memory, and the like. Various types of software processes or modules and information are resident within the memory 128. For example, various processes such as an Operating System (OS) kernel (not shown), a software library (not shown), and software modules, for example, Web Page Data modules 130, and Application module 132 are illustrated as being resident in the memory 128. The Web Page Data module 130 may store the first server information that is used in a referral communication (e.g., a data segment in HTTP protocol). Application module 132 may be any application of interest to the user of client computer 104 e.g., a browser.
The second server 106 comprises, without limitation, a CPU 134, support circuits 136, and a memory 138. The CPU 134 may be one or more of any commercially available microprocessors or microcontrollers. The support circuits 136 comprise circuits and devices that are used in support of the operation of the CPU 134. Such support circuits include, for example, one or more of cache, input/output circuits, system bus, PCI bus, clock circuits, power supplies or the like. The memory 138 may comprise random access memory, read only memory, optical memory, disk drives, removable memory, and the like. Various types of software processes or modules and information are resident within the memory 138. For example, various processes such as an Operating System (OS) kernel (not shown), a software library (not shown), and software modules, for example, web page data module 140, and application module 144 are illustrated as being resident in the memory 138. The web page data module 140 may store website information about a user of client computer 102, e.g., data segments in HTTP protocol for every website recently visited by the user of client computer 102. Application 144 may comprise software enables communications with the client computer 102 (e.g., completion of an age or identity verification) and then redirect the client computer to the first server 104.
The client computer 102 comprises, also without limitation, a CPU 110, support circuits 112, and a memory 114. The CPU 110 may be one or more of any commercially available microprocessors or microcontrollers. The support circuits 112 comprise circuits and devices that are used in support of the operation of the CPU 110 Such support circuits include, for example, one or more of cache, input/output circuits, system bus, PCI bus, clock circuits, power supplies or the like. The memory 114 may comprise random access memory, read only memory, optical memory, disk drives, removable memory, and the like. Various types of software processes or modules and information are resident within the memory 114. For example, various processes such as an Operating System (OS) kernel (not shown), a software library (not shown), and software modules, for example, modules 118, 120, 122, are illustrated as being resident in the memory 114. The module 118 comprises mapping information in accordance with certain aspects of the present invention. The mapping information contains data that matches a placeholder generated by blind referral module 120 to the first server 104 address information. Generally, the placeholder is a set of dummy characters or may be a dummy address. The mapping information 118 and blind referral module 120 may form a portion of or may be coupled to a browser 122.
One embodiment of the present invention is a method that is performed by the browser 122 of FIG. 1 for facilitating a blind referral. For example, FIG. 2 depicts a flow diagram of method 200 for facilitating a blind referral. The method 200 begins at step 202 and proceeds to step 204, wherein the method 200 ascertains if a referral communication has been initiated. If no referral communication is detected (option “No”), the method ends at step 212. The referral communication is detected when the browser 122 is informed that the first server 104 is redirecting the browser 122 to the second server 106.
If the referral communication is detected (option “Yes”), then at step 206, a placeholder for a first server information is generated (e.g., a set of dummy characters or a dummy address). The placeholder may also comprise at least one of a hash value, a client identification, a service identification, a proxy server, or a random alphanumeric string of characters.
At step 208, the first server information (e.g., a data segment in HTTP protocol for every website recently visited by the user of client computer 102) is replaced with the placeholder. As such, the HTTP protocol cannot be analyzed to determine that the first server was visited by the user. To facilitate redirection back to the first server, the method 200 stores the first server information and the placeholder as mapping information. When redirection is needed, the browser uses the mapping information to identify the first server and redirect the connection to that server as described below. The method, again, ends at step 212.
FIG. 3 depicts a flow diagram of a method 300 for performing a referral communication in accordance with an alternative embodiment of the invention wherein the second server redirects the browser back to the first server. The method begins at step 302 and proceeds to step 304, wherein the method 300 ascertains if a referral communication has been initiated, e.g., has the browser detected a redirection. If a referral communication is not detected at step 304 (option “No”), the method ends at step 318.
If it is ascertained that a referral communication has been initiated (option “Yes”), then, at step 306, a first server tag (e.g., a data segment in HTTP protocol) is extracted from the referral communication. Next, at step 308, the blind referral module such as the blind referral module 120 that is resident in the client computer 102, generates a placeholder tag (e.g., an HTTP tag for HTTP headers). In step 310, the placeholder tag is mapped to the first server tag. That is, for example, blind referral module 120 may relate the first server tag to the placeholder tag in a look-up table stored in the memory 114 as mapping information 118. At step 312, after the placeholder is mapped, the client computer 102 may communicate with the second server 106 using the placeholder tag which, for example, has been placed in the first server HTTP header. Now, the second server 106 does not have any information regarding the identity of the first server 104.
Once the second server 106 has finished communicating with the client computer 102 (e.g., completion of an age or identity verification), the client computer 102 is redirected by the blind referral module 120 to the placeholder address, at step 314. At step 316, the blind referral module 120 extracts the placeholder tag and replaces it with the first server tag using the mapped information. Accordingly, the second server 106 blindly refers the client computer 102 to the first server 104. In this manner a client computer always maintains control of the referral information. Method 300 ends at step 318.
In yet another embodiment of the present invention, the placeholder generated for the second server is verified using a security service coupled to the second server.
While the foregoing is directed to embodiments of the present invention, other and further embodiments of the invention may be devised without departing from the basic scope thereof, and the scope thereof is determined by the claims that follow.

Claims (10)

What is claimed is:
1. A method of facilitating a blind referral, comprising:
producing a referral communication for referring a client computer from a connection with a first server to a second server, wherein the referral communication comprises first server information defining a location of the first server, wherein the referral communication refers the client computer to the second server to authenticate at least one of an identity, a source of funds, or an age of a user;
generating a placeholder for the first server information in the referral communication, wherein the placeholder comprises at least one of a hash value, a client computer identification, a service identification, a proxy server, or a random alphanumeric character string, and wherein the random alphanumeric character string comprises a set of dummy characters or a dummy address; and replacing the first server information with the placeholder in communications with the second server during the referral communication to prevent the second server from learning an identity of the first server such that the second server receives the placeholder instead of the first server information.
2. The method of claim 1, wherein the step of replacing further comprises replacing the first server information with the placeholder in the referral communication upon redirection from the first server to the second server.
3. The method of claim 1, further comprising mapping the placeholder to the first server information to produce mapping information.
4. The method of claim 3, further comprising
extracting the placeholder from the referral communication upon redirection of the client computer from the second server to the first server;
determining the first server information mapped to the placeholder using the mapping information; and
replacing the placeholder with the first server information to enable redirection from the second server to the first server.
5. A method of facilitating a blind referral, comprising:
producing an HTTP referral communication for referring a client computer from a first server to a second server, wherein the referral communication comprises a first server tag, wherein the HTTP referral communication enables redirection of the client computer to the second server to perform at least one of authenticating at least one of an identity, a source of funds, or an age of a user;
generating a placeholder tag, wherein the placeholder tag comprises at least one of a hash value, a client name, a security service, a proxy server, or a random alphanumeric, and wherein the random alphanumeric comprises a set of dummy characters or a dummy address;
replacing the first server tag in a header of an HTTP referral communication with the placeholder tag upon redirection of the client computer from the first server to the second server communication to prevent the second server from learning an identity of the first server such that the second server receives the placeholder instead of the first server information;
upon redirection of the client computer from the second server to the first server, mapping the placeholder tag to the first server tag to produce mapping information;
determining the first server tag that maps to the placeholder tag using the mapping information; and
replacing the placeholder tag in the header of the HTTP referral communication with the first server tag upon redirection from the second server to the first server.
6. The method of claim 5, further comprising
extracting the placeholder tag from the HTTP referral communication upon redirection from the second server to the first server.
7. The method of claim 5, further comprising
verifying the placeholder tag for the second server using a security service coupled to the second server.
8. An apparatus for facilitating a blind referral, comprising:
a client computer, configured to be redirected using a referral communication from communicating with a first server to communicating with a second server, wherein the client computer comprises a blind referral module for generating a placeholder for a first server information in the referral communication and replacing the first server information in the referral communication with the placeholder upon redirection from the first server to the second server communication to prevent the second server from learning an identity of the first server such that the second server receives the placeholder instead of the first server information, wherein the placeholder comprises at least one of a hash value, a client computer identification, a service identification, a proxy server, or a random alphanumeric character string, and wherein the random alphanumeric character string comprises a set of dummy characters or a dummy address.
9. The apparatus of claim 8, further comprising
mapping information comprising the placeholder mapped to the first server information.
10. The apparatus of claim 9, wherein the blind referral module determines the first server information mapped to the placeholder using the mapping information and, upon the client computer being redirected from the second server to the first server, substitutes the placeholder in the referral communication with the first server information.
US11/864,348 2007-09-28 2007-09-28 Method and apparatus to enable confidential browser referrals Active 2028-07-22 US8156228B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US11/864,348 US8156228B1 (en) 2007-09-28 2007-09-28 Method and apparatus to enable confidential browser referrals

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US11/864,348 US8156228B1 (en) 2007-09-28 2007-09-28 Method and apparatus to enable confidential browser referrals

Publications (1)

Publication Number Publication Date
US8156228B1 true US8156228B1 (en) 2012-04-10

Family

ID=45922213

Family Applications (1)

Application Number Title Priority Date Filing Date
US11/864,348 Active 2028-07-22 US8156228B1 (en) 2007-09-28 2007-09-28 Method and apparatus to enable confidential browser referrals

Country Status (1)

Country Link
US (1) US8156228B1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10341418B2 (en) * 2015-11-06 2019-07-02 Microsoft Technology Licensing, Llc Reducing network bandwidth utilization during file transfer

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6092196A (en) * 1997-11-25 2000-07-18 Nortel Networks Limited HTTP distributed remote user authentication system
US20020133613A1 (en) * 2001-03-16 2002-09-19 Teng Albert Y. Gateway metering and bandwidth management
US20030051054A1 (en) * 2000-11-13 2003-03-13 Digital Doors, Inc. Data security system and method adjunct to e-mail, browser or telecom program
US20030080997A1 (en) * 2001-10-23 2003-05-01 Marcel Fuehren Anonymous network-access method and client
US20040054898A1 (en) * 2002-08-28 2004-03-18 International Business Machines Corporation Authenticating and communicating verifiable authorization between disparate network domains
US6760758B1 (en) * 1999-08-31 2004-07-06 Qwest Communications International, Inc. System and method for coordinating network access
US20040205198A1 (en) * 2000-06-30 2004-10-14 Zellner Samuel N. Anonymous location service for wireless networks
US20050074126A1 (en) * 2002-01-29 2005-04-07 Stanko Joseph A. Single sign-on over the internet using public-key cryptography
US20060200503A1 (en) * 2005-03-03 2006-09-07 Nokia Corporation Modifying back-end web server documents at an intermediary server using directives
US20080016151A1 (en) * 2006-07-12 2008-01-17 International Business Machines Corporation Client-side aggregation of context-sensitive request results where results for aggregation are asynchronously produced by multiple servers
US20100100724A1 (en) * 2000-03-10 2010-04-22 Kaliski Jr Burton S System and method for increasing the security of encrypted secrets and authentication

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6092196A (en) * 1997-11-25 2000-07-18 Nortel Networks Limited HTTP distributed remote user authentication system
US6760758B1 (en) * 1999-08-31 2004-07-06 Qwest Communications International, Inc. System and method for coordinating network access
US20100100724A1 (en) * 2000-03-10 2010-04-22 Kaliski Jr Burton S System and method for increasing the security of encrypted secrets and authentication
US20040205198A1 (en) * 2000-06-30 2004-10-14 Zellner Samuel N. Anonymous location service for wireless networks
US20030051054A1 (en) * 2000-11-13 2003-03-13 Digital Doors, Inc. Data security system and method adjunct to e-mail, browser or telecom program
US20020133613A1 (en) * 2001-03-16 2002-09-19 Teng Albert Y. Gateway metering and bandwidth management
US20030080997A1 (en) * 2001-10-23 2003-05-01 Marcel Fuehren Anonymous network-access method and client
US20050074126A1 (en) * 2002-01-29 2005-04-07 Stanko Joseph A. Single sign-on over the internet using public-key cryptography
US20040054898A1 (en) * 2002-08-28 2004-03-18 International Business Machines Corporation Authenticating and communicating verifiable authorization between disparate network domains
US20060200503A1 (en) * 2005-03-03 2006-09-07 Nokia Corporation Modifying back-end web server documents at an intermediary server using directives
US20080016151A1 (en) * 2006-07-12 2008-01-17 International Business Machines Corporation Client-side aggregation of context-sensitive request results where results for aggregation are asynchronously produced by multiple servers

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10341418B2 (en) * 2015-11-06 2019-07-02 Microsoft Technology Licensing, Llc Reducing network bandwidth utilization during file transfer

Similar Documents

Publication Publication Date Title
US10021078B2 (en) System, apparatus and method for encryption and decryption of data transmitted over a network
US7765275B2 (en) Caching of private data for a configurable time period
US8533328B2 (en) Method and system of determining vulnerability of web application
CN101167079B (en) User affirming device and method
GB2567932A (en) Privacy-preserving identity verification
US20180212963A1 (en) Method and apparatus for accessing website
US20130263263A1 (en) Web element spoofing prevention system and method
AU2014240202B2 (en) Dynamic tokenization with multiple token tables
US10511628B1 (en) Detecting realtime phishing from a phished client or at a security server
JP5735539B2 (en) System, apparatus and method for encrypting and decrypting data transmitted over a network
US10911485B2 (en) Providing cross site request forgery protection at an edge server
US11575707B2 (en) System and method for blocking phishing attempts in computer networks
US20230247007A1 (en) Quic transport protocol-based communication method and system
KR102408205B1 (en) Method and apparatus for detecting life cycle step of website
CN107294931B (en) Method and apparatus for adjusting restricted access frequency
US8156228B1 (en) Method and apparatus to enable confidential browser referrals
CN105227519B (en) It is a kind of to have secure access to the method for webpage, client and server
US8667563B1 (en) Systems and methods for displaying personalized content
EP3588347B1 (en) Systems and methods for identifying unknown attributes of web data fragments when launching a web page in a browser
US11218551B1 (en) Method and system for user identification based on user environment
CN105262721A (en) Account authentication method and authentication device
KR102367545B1 (en) Method and system for preventing network pharming
Jakobsson et al. Legacy Servers: Teaching Old Dogs New Tricks
Kumar et al. Security Issues Through Authentication in Digital Content

Legal Events

Date Code Title Description
AS Assignment

Owner name: SYMANTEC CORPORATION, CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:HERNACKI, BRIAN;SATISH, SOURABH;SIGNING DATES FROM 20070926 TO 20070927;REEL/FRAME:019903/0735

AS Assignment

Owner name: SYMANTEC CORPORATION, CALIFORNIA

Free format text: ADDRESS CHANGE OF ASSIGNEE;ASSIGNOR:SYMANTEC CORPORATION;REEL/FRAME:027803/0875

Effective date: 20090905

STCF Information on status: patent grant

Free format text: PATENTED CASE

FPAY Fee payment

Year of fee payment: 4

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 8

AS Assignment

Owner name: CA, INC., CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SYMANTEC CORPORATION;REEL/FRAME:051144/0918

Effective date: 20191104

FEPP Fee payment procedure

Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY